package com.unicom.auth.interceptor;

import java.util.List;

import com.jfinal.aop.Interceptor;
import com.jfinal.aop.Invocation;
import com.jfinal.core.Controller;
import com.jfinal.plugin.auth.SessionKit;
import com.unicom.auth.controller.base.ResourceType;
import com.unicom.auth.controller.dto.MyAppJSON;
import com.unicom.auth.model.Resource;
import com.unicom.auth.model.User;

public class AuthorizationInterceptor implements Interceptor {

	

	@Override
	public void intercept(Invocation inv) {
		// TODO Auto-generated method stub
		Controller controller = inv.getController();
		String uri=controller.getRequest().getRequestURI();
		User user = (User) controller.getSession().getAttribute("user");
		List<Resource> resources=Resource.dao.findResources(user, ResourceType.RESOURCE.toString());
		boolean exist=false;
		for (Resource resource : resources) {
			if (uri.contains(resource.getPatternUrl())) {
				exist=true;
				break;
			}
		}
		if (exist) {
			inv.invoke();
		}else {
			MyAppJSON<String> appJSON=new MyAppJSON<>();
			appJSON.setErrCode(MyAppJSON.ERR_AUTH);
			appJSON.setMessage("授权失败");
			controller.renderJson(appJSON);
		}
		 
	}

}
